ABSTRACT OF THE DISCLOSURE 


[0087] The present invention provides a methodology for certifying software for 

essential and security-critical systems. The system and method provide a 
methodology and corresponding analysis engines increase the level of confidence that 
common vulnerabilities are not present in a particular application. A pipeline system 
consisting of independent modules which involve increasingly complex analysis is 
disclosed. The pipeline approach allows the user to reduce computation time by 
focusing resources on only those code segments which were not eliminated 
previously in the pipeline. The first step of the pipeline consists of flagging all 
potential vulnerabilities contained in an extendible vulnerability knowledge database 
(VKdb). This stage then filters vulnerabilities based on context information and 
passes them to the second stage. The second stage performs complex static analysis 
on the vulnerabilities and passes the remaining ones to a dynamic analysis stage. The 
pipeline approach allows very effective use of computation time and is the basis for 
our software certification methodology. 
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